What issues would one hope to find using static call graph analysis on a program? FxCop uses static call graph analysis, what issues does it find using this technique?
http://msdn.microsoft.com/library/bb429476.aspx
http://en.wikipedia.org/wiki/Callgraph
Apologies for my lack of knowledge, I found some information via google, but fear that it is vastly incomplete. Thanks!
This is what I've found:
Call-graphs are used to detect issues in regards to program execution, violation of recommended guidelines, and possible code injection attacks.
By creating a graph of the calling relationships among various methods, it is easy to see where issues may arise at certain times when certain methods are called or how certain methods are called. It's easy to see when a procedure/function may be violating guidelines such as sustaining code modularity. It's easy to see where malicious code could possibly be injected at certain points because of those calling relationships, and how they are structured. In this way, call-graphs provide context to static analysis, producing more accurate results.
Since FxCop uses static call-graphs, it is only able to speculate on the above to a degree.